Q. How do
I password protect a folder on the web server?

NOTE: By password protecting your folder, you are protecting
all the documents which reside in that folder. Please note that on
our server, it is not possible to password protect a single document.
Protection must take place at the folder level.

passwords.txt

This method allows you to assign a username and password pair that must
be entered to access files in the directory. Create a plain text file
named passwords.txt and
save it in the directory you wish to password protect. In the text file,
type the username and password (separated by a single space) that will
allow access to the directory. You can create multiple usernames and
passwords as long as you separate them with a carriage return. Usernames
and passwords are case sensitive. Usernames should not include # & !
@ , but can use any letters or numbers.

Example:

student beloved
CS101 yahoo

When someone tries to access a web page in this directory the browser
will prompt for a username & password. If the user uses the username student and password beloved (or the username cs101 and password yahoo) the page will be
displayed. If the user enters a username/password combination not included
in the passwords.txt file, uses the wrong case, or mixes one username
with another password (eg. CS101 and beloved) the server responds with
an "unauthorized" page.

ldapuids.txt

This method is used when you want to use the university's LDAP server
to authenticate users. Authorized users will enter their Seawolf username and password to access your site.

NOTE: When you link to a file in a directory protected with ldapuids.txt,
you must begin the link URL with https (not http). This ensures the
username and password are encrypted while traveling over the network.

Only users with a
valid Seawolf (LDAP) username and password will
be able to view files in the protected directory.

Create a plain
text file named "ldapuids.txt".

Choose one or more of the options below to give users access to the directory.

To give access to a specific user, add that person's Seawolf (LDAP) username.

To give access to all the employees in a specific university department
or division, add the CMS department code, beginning with an @. Note:
this option is not available on www.students.sonoma.edu.

To give access to all the students in a class, add the the course ID, beginning
with an &. Note:
this option is not available on www.students.sonoma.edu.

Save the ldapuids.txt file.

Upload ldapuids.txt to the directory on www.sonoma.edu that you want to password protect.

Note: Do NOT include passwords in the ldapuids.txt file.

Examples

Here are some examples of the types of entries
that can be made in the ldapuids.txt file.

smithja

Give access to the person who has the Seawolf (LDAP) ID smithja.

ANY

Give access to anyone with a current Seawolf (LDAP) ID account - students, staff and faculty, and consultants who've been given SSU LDAP accounts.

@0001

Give access to all SSU employees (including student assistants).
Departments use the CMS department code and begin with an @ . In
the CMS org chart, all employees ultimately report to the university
president, so using the President's Office department code, 0001,
gives access to all employees.

&ENGL-101-001-09-SP

Give access to all students enrolled in the Spring English 101 section 1.
Courses are in the format &department-coursenumber-sectionnumber-year-term.
Years are always in 2-digit format: for example, 09 for 2009 or 10 for 2010. Terms are WI (winter), SP (spring), SU (summer) and FA (fall).

&ENGL-*

Using the * as a wildcard give all students taking an English class access.

You can give multiple groups and individuals access by including each
on a separate line in the ldapuids.txt.
The example below would give access to the individual user (mooreb), all employees in Instructional Technology Services (@3103), and all CS-101 students: